Cisco Duo Reviews

My main use case for Cisco Duo is MFA.

You can do online and offline authentication. It benefits my organization by adding an additional layer of security and keeping us more secure, whether the person is corporately connected or out in the field.

The feature that my organization started using more recently in Cisco Duo is offline authentication. It has given us the evolution into offline abilities for when they are out in the field or traveling, and they are not connecting to a known network. 

Cisco Duo can be improved by exploring a way to make it a more seamless integration and by deploying an in-house server. 

There has to be a way to make the whole process of push notifications easier, so that when I have my phone with me, I do not have to do anything. It pushes it to my phone and says, 'Yep, that's Roger,' and sends a reply back. Getting in should be totally seamless.

I have been using Cisco Duo for two years.

Cisco Duo has been very stable. When there is a bigger problem, we get notifications from Cisco Duo saying, 'Hey, we have a problem,' and that has helped us.

A couple of times, we have had some downtime, but it has not been anything that has interfered with daily productivity. We have had a random crash here or there. With the restart of the system, it goes away. It is not something for which we have been able to identify the reason.

We have not grown in size with Cisco Duo. We have added additional features over time, and it has grown with us rather well. We started out with just the basics, getting a token, and then we changed to push, and now, we have added the offline mode. We have integrated Cisco Duo into other websites, so now it pushes notifications from our websites into our mobile devices, so we get push notifications from it.

Cisco support is not good to start with. Everything stays the same; the Duo support has been timely in responding to emails, but other support sections have failed miserably because of the lack of response time, the lack of the ability to answer questions, and the lack of tracking down an expert who can help. I can continue for hours over what they have done wrong on that.

The setup was not the most complicated thing that I have had to deal with. It has been a little bit easier to set up than some of the other things.

Getting the files to set up virtual servers for it was a little more time-consuming. That was probably the hardest part of the whole thing.

I have not seen ROI with Cisco Duo; probably the opposite, because it impedes productivity time to be able to get into the system. You have to authenticate and do your regular login and your Active Directory logins. When you add that up, five minutes a day, five times a day, five days a week, you have lost two or three hours of productivity just logging in.

The cost was reasonable. Licensing was pretty straightforward for a change.

We looked at other solutions, but because we already had Cisco solutions in-house, we talked to Cisco Duo people two years ago at Cisco Live, and then we made the decision to move to Cisco Duo after that. There's always room for improvement in everything, but the integration that they have works very well with everything that we have.

Our experience with Duo's strong security authentication system when logging in has been moderate. It is a people problem because you have to get people educated and up to speed on how to do things and how to set up their tokens and get everything situated. Once it is all said and done, it is not complicated, but you have got to get people educated on how to make this stuff work.

My advice to other organizations considering Cisco Duo is to make sure of the products you want to support and how they integrate the MFA functions before you consider it. Because if your products do not support it, it may not do you as much good as you want. If they do support it, it is a great way to add additional layers of security, not only to your computers but website logins and other avenues of hardware protection. 

I would rate Cisco Duo an eight out of ten.

Our company's use case is that we are a service provider, basically a wholesale provider for the internet and the data we have. We have internal users as well as external service providers who want to connect to our company, and they use MFA from Cisco Duo.

The most valuable feature of Cisco Duo is the MFA itself, and the integration is pretty straightforward. The documentation is good.

Cisco Duo helps improve a company through security, and we have the regulatory compliances we have to meet by having Cisco Duo's MFA enabled. With Cisco Duo, we get that checkbox filled.

More documentation on how to integrate all the external applications would be beneficial for Cisco Duo. We have lots of third-party applications, especially our in-house applications, and additional documentation on how to integrate those applications for MFA using Cisco Duo would be helpful.

I evaluate the stability and reliability of the solution as somewhat tricky. Cisco Duo Access Gateway is mostly VM-based, and while I'm not sure whether there is an on-premises hardware-based solution, having this VM-based solution can be buggy. There are a lot of issues, and when something goes down or if there is an issue in the network, the whole solution goes down, affecting the whole company because the MFA is tied to login for an administrator and to login for a user. This needs to be improved; the solution, which includes the gateways and proxies connecting to it, needs to be more reliable.

I have been using Cisco Duo for around five years.

I evaluate the stability and reliability of the solution as somewhat tricky. Cisco Duo Access Gateway is mostly VM-based, and while I'm not sure whether there is an on-premises hardware-based solution, having this VM-based solution can be buggy. There are a lot of issues, and when something goes down or if there is an issue in the network, the whole solution goes down, affecting the whole company because the MFA is tied to login for an administrator and to login for a user.

The solution scales for us.

Scalability-wise, resources for the VM are mostly what is required, and we have them in-house. For the licenses, that aspect is covered with support.

I have used support for Cisco Duo.

I evaluate Cisco's support as very good. We have the highest level of support, including a tech specialized support team dedicated to our account. We have weekly and monthly meetings where they advise us on what to do, how to proceed with upgrades, or any enhancements.

Negative

When we went for an MFA, we were focused on Cisco Duo, and the way it functioned seamlessly integrated with our security policies. We did not evaluate others.

My experience with the pricing, setup costs, or licensing for Cisco Duo is straightforward. We've had good interaction with the Duo team, and they always advise us. We have the highest level of support, so they come back to us with what is the recommended licensing, expiry, renewals, and pricing.

Cisco Duo has helped my organization reduce its overall authentication-related costs. The solution is pretty concise, not having a lot of tools or integration points like other providers.

When I look at the solution compared to other vendors, Cisco Duo is a one-stop shop for the whole MFA, so percentage-wise, I would say it's about 50%.

This 50% savings is over the five years.

Evaluating the delivered cost, I find the choice to go with Cisco Duo is good. There were not many options available in the market. We had Cisco Duo, and we just appreciated the way it's delivered. It's functionally doing the MFA, and we went for it.

When we went for an MFA, we were focused on Cisco Duo, and the way it functioned seamlessly integrated with our security policies. We did not evaluate others.

I am not currently using Cisco Identity Intelligence.

I have not noticed an increase in phishing attacks in my organization recently.

I have not implemented Cisco Duo's end-to-end phishing resistance.

We manage user identities through our own Active Directory internally, not through Cisco Duo Directory.

Cisco Duo integrates with other products well; I've not had an issue, except for the custom-based applications where we faced a lot of challenges. We had to work with the Cisco Duo team to integrate our service provider applications, OSS/BSS.

My overall review rating for Cisco Duo is 8.

The main use cases for Cisco Duo are for people who don't have a multi-factor authenticator. This is concerning because when you work in IT, you assume you are talking to technical people. Sometimes they are a director of the IT department, and when I ask them, "What do you have for an MFA?" they respond, "We don't." So I say, "Okay, let's talk about Cisco Duo and how you can implement it in order to secure your organization." That's the main case.

We place Cisco Duo Identity Intelligence with the customers against Shadow IT because sometimes we have the feeling that the customers have a lot of platforms. They have thousands of accounts they are using. In general, customers are using around 100 SaaS applications in a company, and sometimes they don't really know what they have. Sometimes, some workers are not there anymore, and it's possible that they can lose track of who is still in the company and who is not. That's why with Cisco Duo Identity Intelligence, I am able to provide a complete overview of what they have. Now they can check who is still using the system. It's good against Shadow IT, but it's also good if you are paying for an app and you don't use it anymore. You can cancel the subscription and get some money back.

What is good with Cisco Duo is I have to explain that it's not just an MFA because some customers already have an MFA in place. I can talk about other products from Microsoft or any other product, and they say, "We already have an MFA." So I have to explain to them that Cisco Duo is not just an MFA. With an MFA, you want to access something, and the MFA is going to check if you can enter, yes or no. It's not going to check your background or what you have. Cisco Duo is a pre-MFA and post-MFA. With Cisco Duo it's checking if you are allowed to submit a request to access this. If your company is just working with Windows and you are trying to access with a Mac, Cisco Duo is going to be able to say, "Why are you working with a Mac? It's not allowed," so you're not going to have a request. Or if you are, for example, working in Germany and you only have workers in Germany, and suddenly your IP address is in Spain, then I can explain to the customer, "Okay." The customer might say, "Okay, I have a request from Spain, but we don't have people working in Spain, even remotely. So we will block it directly." That's the good thing. It's comparable to when you want to go to a nightclub, they ask you if you are 18, but they also check it with your ID card and everything. It's the same with Cisco Duo. They do a complete check of you before you access.

I have not implemented Cisco Duo's end-to-end phishing-resistant capabilities such as proximity verification.

I have not deployed Cisco Duo Directory to manage the user identities, not yet, because since a lot of customers already have their own directories, it was not necessary with Cisco Duo. We still talk about it, but it was not necessary as of right now.

I have been using Cisco Duo for two years.

I would assess the stability and reliability of Cisco Duo as good. I have nothing to say. It's never had downtime, nothing. Cisco Duo cannot see your password. It's just sending the request. At no point in time does it see or save your password. That's also the good thing. And it's working with everything, and it's native on Linux. This means with some other products, I can get Linux to work, but I have to do some tricks. With Cisco Duo, it's already in. So if I have a server with Linux, it's perfect.

I think Cisco Duo is scalable in a growing company and it works well. It's very scalable. I can add users, and as far as I remember, if I cross the line with the users, I will get a notification stating, "You need to upgrade," but it's not blocked. This means it's not that I add one user and now everything is locked. I have a lot of leeway. I can improve, and I will have a notification and still have time to pay more. Regarding the scalability, I just add one new customer, and after I upgrade my license directly from the dashboard as an admin, that's it. There's nothing else to do.

I had something before Cisco Duo. It was a Windows MFA. I don't know the name. A Windows solution. But once again, the Windows solution is like, "Can you go in, or not? Is it you?" "But where are you? And is it really you?" That's the problem.

The experience of the deployment with Cisco Duo is pretty rough. The software itself is good. The software itself is not the problem. The problem with customers is I have to change their habits. There are some people who don't want an MFA on their phone. It's easy for people who have a company phone and people who have a private phone. In some companies, they just have a private phone; they don't have a company phone. Since it's not always GDPR-friendly, with an MFA I can still send some information. Some people don't want to do it. I think it's rough in the sense that I have to educate the customers to use it and install it, because some people don't want to install it. Or if they really don't want an app, I still have the possibility to buy keys or to install a token on a USB key. But the deployment with the software itself is good. It's more about doing the education for the customers.

I have seen a return on investment with Cisco Duo. The good thing is the MFA is free. I can use it. I have Cisco Duo on my phone for free, so everybody can use and install it, up to 10 users. So it's good. I can start with this. The return on investment is that I present the product, and the customer, even if he doesn't click immediately about the features, after that, he will just log himself into the panel and see, "Oh, there's this. I would like to try this feature." So he will upgrade your service because as soon as he discovers new functionalities and thinks it is cool, then he will buy it. The return on investment is very nice.

I did not really consider another solution before selecting Cisco Duo.

I haven't noticed an increase in phishing attacks lately. We do have some in our company. We saw an improvement. I think it's always the same as before, but now it's more improved. It's comparable to the following scenario: "We are the police and you did access a website you were not supposed to. This is the company headquarters. Please click here in order to report yourself or you will be fired." I think there's been an improvement in creativity. Not in numbers, but in creativity. Before there was, "You've won an iPhone" or "You've won one million. Please click here." Now they cannot do this anymore. You have to improve your creativity to find a new way to trick the customers.

The pricing for Cisco Duo is really good in the sense that you can try it. There are different packages, and you can choose the one that fits you the most, and you can try it for free for 30 days. So it's a very good catch. And for the price, I think it's worth it. I have not received any bad feedback about the price. I think it's okay.

We were talking about proximity with Bluetooth for Cisco Duo, but now it's been released, which is good because sometimes attackers use MFA fatigue, which means they will bombard you with push requests for everything. But now you need the device you're using to log in to be connected via Bluetooth next to the device you are also using to log yourself in. So that's good. It was one feature I had the idea for, and now I saw that they are doing it. That's excellent.

I would rate this review a 9 out of 10.

Cisco Duo's main use case is with Federal, specifically a version for the government, positioned side-by-side with Okta. Originally, it was implemented with the Department of Defense, which ran the traditional Oracle IAM. Someone convinced them that the Oracle IAM was obsolete, so they decided to reverse engineer the entire system. The migration involved reverse engineering the Oracle IAM into Cisco Duo and Okta, transitioning from on-premises to the cloud while maintaining integration with Oracle Cloud due to their heavy investment in Oracle Cloud for EBS, HCM, and enterprise ERP systems.

The best features of Cisco Duo include easy integration. I could do a lot of things with Cisco Duo comprehensively. Multiple types of MFA are available, and the fact that it passed the certification with the Department of Defense gave Cisco Duo an A+.

I use Cisco Duo's Advanced Identity Threat Detection and Response feature, which includes all the necessary counterparts. It has the intelligence to detect threats, performs risk assessment, and then provides a score to determine whether someone is legitimately attempting to sign in.

This feature has been helpful because it validates while maintaining trust. The trust but verify design principle is fundamental. Cisco Duo includes the Zero Trust Architecture, where everything lists a privilege, and from there, Privileged Access Management applies. If you want to elevate someone and give them additional privileges, the system handles that process.

I have not had the chance to rate Cisco Duo's support because I pass my documentation to the group responsible for creating tickets, as being a contractor, I don't have the account permissions to create tickets myself. I document everything with screenshots and pass it along. Based on what I heard regarding their response, Cisco Duo's support is pretty good. They are responsive and accurate in their responses, and they do their homework. This is one thing I now observe as a stark contrast with Oracle, where the support experience is terrible. You need to create a ticket, and then I have to call back and create another ticket just to monitor the first ticket. With no responses on those two, I had to create a third ticket to monitor the second ticket. I created about 33 tickets on this IAM thing because there was an intermediary, Accenture Federal. I created about 33 tickets just to monitor the previous tickets, and no resolution was given. I came up with my own solution.

I am not involved with Cisco Duo's pricing, so I am the person where they said, 'We bought this product, go ahead and do your magic.'

I was introduced to Cisco Duo when I worked for University of Massachusetts in 2012. I have had multiple projects since then because I have encountered clients with all kinds of IAM. One group does not want to give up their IAM because it works well with their application.

Cisco Duo is stable and reliable in my opinion. The fact that it goes into production means it goes through the ATO process, where everybody tests it and different groups conduct their own testing. I have not encountered any issues unless we patch the environment. The only downtime I have encountered is during patching, but that is not due to Cisco Duo. That is part of the maintenance standard operating procedure.

Cisco Duo is pretty scalable.

Based on what I heard regarding their response, Cisco Duo's support is pretty good. They are responsive and accurate in their responses, and they do their homework.

Positive

The main differences between Cisco Duo and Okta for IAM solutions are that Okta does not have an exclusive product tagged as Federal. It depends on the person designing it. The way I made Okta comparable with Cisco Duo Federal is by attaching it to CAC, which is used by the military as military ID. That is the only way it becomes federal level because you are using another form of identification. With Cisco Duo, it is embedded within the system. However, somehow, the Department of Defense got sold on the idea that Okta is the way to go. Gradually, Cisco Duo is there because of Cisco. The name Cisco behind it makes it a really powerful product.

I have experience with Cisco Duo across different IGA and IAM security products including Oracle IAM, Okta, SailPoint, Ping, Cisco Duo, Active Directory, and Entra ID, which is Microsoft's offering.

My experience with Cisco Duo's strong security authentication system has been good. It is seamless and easy to integrate. It is flexible.

Cisco Duo's IAM is evolving because it now includes AI. I am not sure if I have fully used OAuth, the authorization component. I think it is there, but I just have not fully played with it. The OAuth, OpenID, and SAML are all present, but this IAM is evolving.

I have not had the chance to use Cisco Duo's conversational AI interface for administration tasks. Everything now is AI-enabled, but the government is very cautious about that. It is a switch that you can turn off and turn on if you want it.

The passwordless environment has been the subject of a huge debate about passwords. I even gave a presentation with the Department of Energy, and they did not like the way I presented it. I made a joke and said, 'With passwords, you need to extract the blood of the person you want to authenticate, aside from the password,' and they did not like that. They said it was too bloody. With passwordless authentication, FIDO 1, 2, and 3 are the direction everything is going. Everything is keys now, anywhere, and tokens. That is why Oracle IAM was dropped from the equation.

Cisco Duo is hybrid. First, they want to see it on-premises, and from there, it evolves because of the way things are deployed. They start with the application, the databases are on-premises, and then the applications are moved to the cloud. That becomes a hybrid situation, and then one by one, the databases are transported to the cloud.

When you work on government projects, everything is there with Cisco Duo. AWS, Azure, GCP, and Oracle FedRAMP are all available. It is multi-cloud.

I would rate this review a 9 overall.

I have been working with Cisco Duo for close to three years now. As an administrator and IAM consultant, I use Cisco Duo primarily for Single Sign-On, MFA, or integrating applications with different security protocols. The whole point of having Cisco Duo is to ensure that you have a centralized point of managing where all devices, users, and identities are in your system or infrastructure.

It helps in securing the applications.

I think Cisco Duo's identity intelligence capabilities are effective as long as you give the right policies to them. Defining your own set of policies is crucial to successfully utilizing the product's advanced features.

The thing that I appreciate the most about Cisco Duo is the ease of setup. The implementation team does not have to spend more time on implementing or integrating the product. Their responsiveness is commendable, and they are easy to adapt to new trends in the market, which suits our business needs. The pricing of Cisco Duo is also quite reasonable compared to other products.

The Advanced Identity Threat Detection and Response feature is similar to what I explained regarding AI and identifying threats.

Windows Hello is a new feature Cisco Duo has started using recently. It allows a user to connect to the VPN and get access to applications without needing to re-enter passwords. Once a user is authenticated against the VPN in Cisco Duo, the Windows Hello feature allows immediate access to applications without requiring another password entry.

Conversational AI in Cisco Duo is limited in its current application. AI might help identify trends or user behavior as a threat, but its implementation needs to be directed.

So far, I have not seen much need for improvement in Cisco Duo. It is user-friendly and reasonably priced, but it lacks some dynamic identity management features compared to other products such as SailPoint.

From a stability perspective, I find Cisco Duo reliable as both products are hosted through AWS, contributing to a good security posture.

I think Cisco Duo scales effectively with the growing needs of my organization. They are understanding our expectations regarding changes and feature add-ons.

I have raised many queries with Cisco Duo's technical support, and they have provided prompt responses. If I need further explanation, they get on a call with me.

The deployment of Cisco Duo is quite easy.

The implementation team does not have to spend more time on implementing or integrating the product.

Regarding the ROI with Cisco Duo, resource saving is significant. When we use Cisco Duo for Single Sign-On, employees only need to remember a single set of credentials instead of multiple passwords. The ease in password resets for admins further enhances their business efficiency.

The pricing of Cisco Duo is quite reasonable compared to other products.

I am currently working with ForgeRock and Okta as well as Cisco Duo.

Cisco Duo has been purchased by the enterprise or the employer who is actually using it from the vendor. They would help you with all the initial setup, and later on, as your team expands or the infrastructure mingles with other vendors or partners, you would also need the product to have some sort of customization for the business needs.

It is easy with Cisco Duo. I have seen one of the products which is quite easier. The branding makes it easier for the customer to trust that this is a product coming from a safe zone. The interface of Cisco Duo from the administration console point of view is quite decent.

I endorse Cisco Duo and say that you should go for it. It is quite a good product and quite easy to get used to. My review rating for this product is seven out of ten.

Cisco Duo is primarily used for two-factor authentication to access the company network.

The features of Cisco Duo that I appreciate most include an administrator's ability to see an overall view of what types of devices users use, which helps identify risks from endpoints that might not be secure enough anymore, and you can see it in one single glance.

The benefit of this feature for my company is that it provides an easy view to see what users are doing, especially with the challenge of bring your own device. Many companies do not want to provide a company device but allow users a budget to buy what they need. If someone wants an expensive iPhone, they have to contribute some of their own money to fit it within their budget, which avoids extra costs for the company while still providing insight into what users are doing.

Regarding the pricing, setup costs, and licensing, I find that for some companies using Azure, they question why they should switch when they already have Microsoft Authenticator, which can make it commercially challenging when explaining why they need to transition to Cisco Duo. I believe you do not want everything with Azure, but it is advantageous to have your security through a security or network company, which can sometimes be difficult to communicate.

There could be better communication in explaining to customers why they need Cisco Duo. Some customers, even at high management levels, express confusion about why they should pay when a free option is available.

I have not experienced any downtime or performance issues with Cisco Duo. There was one instance of a connection problem, but support resolved it in just a couple of hours.

Cisco Duo scaled very smoothly to meet my company's growing needs and fits our requirements very well.

When evaluating the support and technical service of Cisco Duo, I find it excellent. The team understands problems quickly and helps us very efficiently. I would rate the customer service and technical support a nine out of ten.

Positive

Prior to adopting Cisco Duo, I was using Microsoft Authenticator for two-factor authentication as the only other option.

The factors that influenced my consideration for a change were scalability, as it can be utilized for more than just basic needs, and the insight it provides. I appreciate that not only can a user log in with their passcode, but administrators have visibility into user activity, allowing you to see a single dashboard view in Cisco Duo, which is very easy.

My experience with deploying Cisco Duo was that it worked well. The first time for me, I thought this is it and it is working.

I have not really seen a return on investment with Cisco Duo, as for me it is more about including Cisco Duo if it is part of the deal when we design a new network and security is required, and two-factor authentication is needed.

From a partner or integrator perspective, I believe Cisco Duo has helped reduce overall authentication-related costs, as the backend is very easy to manage. In large projects, I estimate the reduction in costs with Cisco Duo might be around twenty to twenty-five percent, sometimes more, sometimes less. It depends on the specific situation, but the ease of use and the efficiency of the help desk also contribute to this, as I had a good experience when I needed them once.

For me, the choice to invest in Cisco Duo pays off as I see it as an essential component when selling a network, incorporating it within the discussion around security and Zero Trust principles.

In considering other solutions before choosing Cisco Duo, Microsoft Azure with Microsoft Authenticator came up as a competitor, and in the enterprise, I think Cisco Duo stands out as one of the biggest competitors I know, primarily because of how easy it is to integrate on the backend.

I think Cisco Duo is doing a great job overall. If I look at it and compare it to other two-factor authentication tools, the backend is very insightful.

It is already very easy to add Cisco Duo at your website or service, such as with Cisco Meraki, where the integration is very seamless, but also with tools against key loggers. It is just click, next, next, and it is always working for me.

The winning point for Cisco Duo over others is its simplicity. It is just a security solution in a box, and it integrates very easily.

My advice to other companies considering Cisco Duo is to do a trial to check it out and see at the backend what capabilities you have, and then try it. I would rate this product an eight out of ten overall.

Cisco Duo started primarily for compliance reasons but has evolved to address brute force attacks, and terminal servers and computer sign-ins, depending on the client.

The most appealing feature of Cisco Duo is the phone notification system that simply pops up on your phone. This has proven particularly beneficial for older users who historically struggled with other MFA solutions. Cisco Duo benefits the organization by fundamentally enhancing security.

It is easy to use when logging in, but at times, there's a delay in getting the pop-up on a phone, requiring users to occasionally retry authentication depending on backend services. I guess that depends on the backend or something like that. It doesn't happen all the time. Cisco Duo could be improved by making it faster.  

Maintaining ease of use while increasing security remains crucial. What used to be sufficient with just a password is no longer adequate, and even a phone pop-up might not be enough in the future.

I have been using Cisco Duo for three years.

Most of the time, Cisco Duo's stability and reliability are fine, but occasional issues occur. Intermittent downtime happens infrequently, but when it does, many users call because they cannot access their systems.

Cisco Duo scales effectively with the growing needs of the organization. The expansion of Cisco Duo's usage was smooth, and we continued using it because of its good performance.

The customer service and technical support have been good, having used them twice. I would rate it an eight out of ten. It has been pretty good.

Positive

I was not using another solution prior to using Cisco Duo.

Deploying Cisco Duo is easy. For example, we have automated setting up the terminal servers, where as soon as we make a new user, we make sure we put their email address in, and then it automatically sends them an email. They put in their information and pretty much set up the phone on their own. 95% of the people are able to do it without anyone even talking to them. 

We have not seen an ROI with Cisco Duo as it is primarily used for security.

My experience with pricing, setup costs, and licensing has been good, with no issues. I am pleased that the prices remained stable after Cisco acquired the solution.

We experimented with Microsoft's MFA, which only works with Microsoft products. Cisco Duo proved more flexible. Flexibility emerged as one of the key positives during the evaluation process of Cisco Duo.

Cisco Duo is easy to use. Setting it up is a breeze. So far, support is reachable. Hopefully, that doesn't change. On rare occasions or once in a while, it gets slow.

My advice to other organizations considering Cisco Duo is to implement it. It is easy to deploy, and the company currently has 30 clients using it. The entire onboarding process takes less than a week, though end-user adoption may extend this timeline.

I would rate Cisco Duo an eight out of ten.

In my current role, I have been Head of the Information Security section for two years. Before that, I was a network and security administrator for more than 13 years.

Regarding Cisco Duo Mobile, I am currently the admin for the portal, managing more than 500 users. It is a great system regarding multi-factor authentication, specifically after we did the integration with Active Directory, allowing us to manage the users who use the VPN, our main gateway for VPN Cisco ASA Secure, with full administration.

An important feature that saves time is the automatic unlock; when an employee forgets to approve or deny three times in a row, Cisco Duo Mobile portal locks their account. There is a feature to automatically unlock it within five or six minutes, allowing the time for this automatic unlock to be determined.

One important benefit of using Cisco Duo solution is to ensure that the person using the VPN has their username, password, and mobile; they must approve or decline if they do not have their mobile. Another important benefit is managing users who have access to the VPN because sometimes there are users designed to have access, but the system administrator forgets to remove them, which we can effectively manage from the portal itself.

I have not implemented Cisco Duo's end-to-end phishing resistance.

No additional features are needed at this time.

I rate it a nine because there is still a specific feature regarding Cisco Duo Desktop that must be enabled and optimized better than the current situation. It is not about mobile but about the desktop functionality.

I graduated with a Management Information System degree 15 years ago, and all of my experience is based in the financial sector.

I assess the stability and reliability of Cisco Duo solution as mainly stable, safe, and at 98%.

Cisco Duo scales well with the growing needs of our company; we partner with Cisco, and since all of our components are Cisco, we are always attending Cisco Live EMEAR every year, finding new solutions and technologies, importing new products to our data center regularly.

I have not expanded the usage of Cisco Duo since the first implementation.

Cisco customer support is great.

The reason for this is that all of the Cisco TAC engineers at support are fantastic. They are available 24/7, and they do not leave sessions unresolved; when an engineer's shift ends, they assign a colleague to continue solving the case.

Positive

Before adopting Cisco Duo, I did not use a different solution.

My experience deploying Cisco Duo is great and went smoothly.

What went well is that you primarily need a license to access the main admin portal and at least two servers with minimum specifications, making it easy to configure. It is straightforward, requiring just one certificate.

I encourage anyone considering implementing Cisco Duo to move to Cisco Duo Mobile.

I did not evaluate other solutions from other vendors before implementing Cisco Duo.

Recently I have seen an increase in phishing attacks in our organization. These attacks feel like they are getting more sophisticated. 

I did the integration with Active Directory instead of deploying Cisco Duo Directory to manage user identities. In the financial sector, Cisco Duo is fine as it is.

Regarding the price, the pricing of Cisco Duo is okay.

The main reason to implement Cisco Duo is that all of our data center infrastructure is Cisco. If we connect everything, the visibility will be 100%, which is why we need to cover everything with Cisco.

I am currently using Cisco Identity Intelligence.